Overview

overview

10

Static

static

10

6d3554b10d...cf.exe

windows7_x64

6

6d3554b10d...cf.exe

windows10-2004_x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6d3554b10d8c1fbdd8be1b71ebf711de8d7985a7044880918733b8eb6ab9c6cf

  • Size

    25KB

  • Sample

    220625-hjcqrshhek

  • MD5

    f5f24f1f12f570fbc6c2322dbb791765

  • SHA1

    037725c071e9f0de3648cf8cdbe69bb9ebdeda57

  • SHA256

    6d3554b10d8c1fbdd8be1b71ebf711de8d7985a7044880918733b8eb6ab9c6cf

  • SHA512

    0d8e6391960c53345ea4bbc68bfb4410a8fa588b11bb463783663b5105f91afa9612b03ad50bd84b48c4e23133d0a27025ed5665e1cc76d7ad3722c306dbade7

Score
10/10
hancitor1812_78213

Malware Config

Extracted

Family

hancitor

Botnet

1812_78213

C2

http://unceliet.com/4/forum.php

http://fitiondice.ru/4/forum.php

http://wordlegromin.ru/4/forum.php

Targets

    • Target

      6d3554b10d8c1fbdd8be1b71ebf711de8d7985a7044880918733b8eb6ab9c6cf

    • Size

      25KB

    • MD5

      f5f24f1f12f570fbc6c2322dbb791765

    • SHA1

      037725c071e9f0de3648cf8cdbe69bb9ebdeda57

    • SHA256

      6d3554b10d8c1fbdd8be1b71ebf711de8d7985a7044880918733b8eb6ab9c6cf

    • SHA512

      0d8e6391960c53345ea4bbc68bfb4410a8fa588b11bb463783663b5105f91afa9612b03ad50bd84b48c4e23133d0a27025ed5665e1cc76d7ad3722c306dbade7

    Score
    6/10

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks